Differences

This shows you the differences between two versions of the page.

--- securing_your_computer [2019/08/04 15:52] – neil
+++ securing_your_computer [2019/08/09 12:08] – neil
@@ Line 1: / Line 1: @@
 =====Securing your computer =====
+====Key points: ====
+  *[[#Don't share user accounts on your computer|Don't share user accounts on your computer]]
+  *[[#Use a strong password for your computer account|Use a strong password for your computer account]]
+  *[[#Enable the firmware password|Enable the firmware password]]
+  *[[#Turn on disk encryption|Turn on disk encryption]]
+  *[[#Take backups regularly and automatically|Take backups regularly and automatically]]
+  * [[#Encrypt USB drives before storing data on them|Encrypt USB drives before storing data on them]]
+  *[[#Don't trust anyone else's USB sticks|Don't trust anyone else's USB sticks]]
+    *[[#Do not take free USB sticks from conferences|Do not take free USB sticks from conferences]]
+    *[[#Do not use USB sticks as give-aways at conferences|Do not use USB sticks as give-aways at conferences]]
+    *[[#Do not pick up "lost" USB sticks|Do not pick up "lost" USB sticks]]
+  *[[#Enable your computer's firewall|Enable your computer's firewall]]
 A barrister was given a (very small) [[https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/03/fine-for-lawyer-who-stored-client-files-on-home-computer/#|monetary penalty notice by the Information Commissioner’s Office]], because of the way in which she handled client personal data on her computer.
@@ Line 14: / Line 27: @@
 If the option is open to you financially, it is safer to have physically separate machines.
-====Use a strong password====
+====Use a strong password for your computer account====
 Create a strong, but memorable, password for your account.
 Here's some [[passwords|guidance on passwords]].
-====Encryption====
+====Enable the firmware password ====
-Full disk encryption v file level encryption
-====Backups====
+Some computers will let you set a separate password for their firmware, which is the initial piece of software which runs when you boot your computer.
-Ensure that you are in control of where your data are residing. Not backing up to a cloud service without you realising it.
-====Don't trust anyone else's USB sticks====
+Some systems require you to enter this password before every boot, while others only require it if you try to boot from a different device (such as from as USB stick).
-===Encrypt USB drives before storing data on them ===
+Use a different password to your user account, and make it a [[passwords|strong password]].
-If you are going to store information on a USB stick (perhaps as a backup), encrypt the drive before you store the information on it.
+[[https://support.apple.com/en-us/HT204455|Apple's instructions for macOS]]
+====Turn on disk encryption====
+If your computer offers disk encryption, turn it on.
+Depending on the software you are using, you may only get the benefit of this when your device is powered off, so turn off your devices (rather than just putting them to sleep) when you are not using them.
+===FileVault for macOS ===
+For macOS, this is FileVault. You can turn it on through System Preferences / Security & Privacy / FileVault.
+Make a note of the recovery key which it shows you. Keep this securely in your password manager, or on a piece of paper in a safe. Someone who has access to this password can decrypt your drive, and access the files and other content on it.
+===Windows ===
+BitLocker?
+====Take backups regularly and automatically====
+[[backups|Here]].
+====Encrypt USB drives before storing data on them ====
+If you are going to store information on a USB stick (perhaps as a backup), either use a USB stick with hardware encryption, or else encrypt the drive before you store the information on it.
 That way, if you lose the drive, or it is stolen, the finder or thief cannot access the information on it.
+====Don't trust anyone else's USB sticks====
+Even if it is coming from your friend, or a trusted colleague, do you know what security they have on their computer? Do you know what state their anti-virus protection is in?
+Get them to transfer you the file some other way, and take precautions when opening it.
@@ Line 48: / Line 89: @@
 Yes, it might suck to feel that you could be a good Samaritan and return someone’s vital information or backup of family photographs, but you have absolutely no idea as to what is on that memory stick, and there’s a chance, perhaps even a strong chance, that it might be an attack.
-===But it’s from my friend…===
-Even if it is coming from your friend, or a trusted colleague, do you know what security they have on their computer? Do you know what state their anti-virus protection is in?
-Get them to transfer you the file some other way, and take precautions when opening it.
 ====Enable your computer's firewall ====